Exploit iPlanet Certificate Management System 4.2 - Directory Traversal

Exploiter

Хакер
34,599
0
18 Дек 2022
EDB-ID
20324
Проверка EDB
  1. Пройдено
Автор
CORE-SDI
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2000-1075
Дата публикации
2000-10-25
Код:
source: https://www.securityfocus.com/bid/1839/info


Acquiring access to known files outside of the web root is possible through directory traversal techniques in both iPlanet Certificate Management System (CMS). This is made possible through the use of "\../" in a HTTP request. The following services are affected by this vulnerability:

- The Agent services server on port 8100/tcp
- The End Entity services server on port 443/tcp (Accessible through SSL)
- The Administrator services server on a random port configured during installation.

https://target/ca/\../\../\../\file.ext
 
Источник
www.exploit-db.com

Похожие темы